
History for getty_ps.  Christine Jamison  getty-info@nwmagic.net
------------------------------------------------------------------

-------------------------
Fri Apr 16 16:00:00  2004
-------------------------
	released getty 2.1.0b
	full source release
	available at ftp.nwmagic.net

Release synopsis:
     This release is an emergency patch release, to patch a security
     problem reported by various organizations.

Reported Problems with previous release:
     Security vulnerability, CERT VU#342768; also reported as SecurityFocus
     BID #2194, and CVE-2001-0119.  The problem occurs *ONLY* when getty_ps
     (getty or uugetty) is put in "debug work file mode" (either
     "#define SYSLOG" or "#define SYSL_DEBUG" is *NOT* present, and
     Debug > 0), which should *NEVER* be done in production!  Current 
     versions (2.0.8 and above) come with getty/uugetty *not* configured
     this way by default.

     However, if it *should* get configured this way inadvertently, then
     this security bug would come out.  The details of the bug are as
     follows:

     Because getty/uugetty does not check for the existence of the debug
     workfile, when in "debug work file mode" (a mode *quite* handy for
     tracking down flaky getty bugs!) before writing to it, it is subject to
     a symlink attack.  A symlink attack is possible, because this debug
     file is put in the "/tmp" directory, which has universal access, and the
     debug file name is easily guessable.  Simply put, a symlink attack
     occurs when a "bad" person with access to the system puts a symbolic
     link to a system file in the "/tmp" directory with the name of this
     debug file! 
     Now, when someone logs in and uses the debug file, the file that is
     *actually* written to is the file pointed to by the symlink!  Because
     getty/uugetty is run as root, there is nothing to stop getty/uugetty
     from writing to any file in the system!  This could have significant
     security implications!  Furthermore, having the debug work file erased
     if it exists before opening it and writing to it circumvents the
     entire purpose of the file!

     The *good* news is that this should *NEVER* happen in production!
     Anyone who distributes a copy of getty/uugetty with it configured in
     this manner needs their head examined!  However, it *is* possible to
     do so, so I have addressed the issue - henceforth, the patch of code
     that activates "debug file mode" will be disabled with an "#if 0",
     making it impossible to have this security bug in the future, using
     the normal configuration procedures.  That way, I can still use it,
     should a pesky getty/uugetty bug get inadvertently introduced during
     development in the future.
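
     Added example, not getty_ps source: one way a root-run program can
     append to a debug file without following a symlink, shown beside the
     unchecked open that the note above describes.  The function names,
     scratch paths and sample data are assumptions made for this
     illustration; the release itself fixes the problem by disabling the
     debug file code with "#if 0".

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L  /* O_NOFOLLOW, O_CLOEXEC, mkdtemp */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

typedef int (*opener_fn)(const char *path);

/* Unchecked pattern the note describes: follows whatever sits at path. */
int open_log_unchecked(const char *path)
{
    return open(path, O_WRONLY | O_APPEND | O_CREAT, 0600);
}

/* Hardened: append to an existing log, but never through a symlink. */
int open_log_checked(const char *path)
{
    struct stat st;
    /* O_NOFOLLOW fails the open (ELOOP on Linux) when the last path
     * component is a symlink; O_APPEND keeps earlier debug output. */
    int fd = open(path, O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW | O_CLOEXEC, 0600);
    if (fd < 0)
        return -1;
    /* fstat() the descriptor, not the name, so the object cannot be
     * swapped between the check and the write. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != geteuid() ||  /* pre-created by another user */
        st.st_nlink != 1) {        /* hard link to some other file */
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Constructed scenario in a private scratch directory. With plant_symlink,
 * "debug.log" is a symlink to "target" (a stand-in for a system file) and
 * the result is the target's size; otherwise it is the log's own size after
 * two open/append cycles of 6 bytes each. Returns -1 on setup failure. */
long run_case(opener_fn opener, int plant_symlink)
{
    char dir[] = "/tmp/dbgdemoXXXXXX", target[64], log_path[64];
    struct stat st;
    long size = -1;
    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(log_path, sizeof log_path, "%s/debug.log", dir);
    if (plant_symlink) {
        int t = open(target, O_WRONLY | O_CREAT | O_EXCL, 0600);
        if (t >= 0) close(t);
        if (t < 0 || symlink(target, log_path) != 0)
            goto out;
    }
    for (int i = 0; i < 2; i++) {
        int fd = opener(log_path);
        if (fd >= 0) {
            ssize_t n = write(fd, "debug\n", 6); (void)n;
            close(fd);
        }
    }
    if (stat(plant_symlink ? target : log_path, &st) == 0)
        size = (long)st.st_size;
out:
    unlink(log_path); unlink(target); rmdir(dir);
    return size;
}

int main(void)
{
    printf("unchecked, symlink planted: %ld bytes reached target\n", run_case(open_log_unchecked, 1));
    printf("checked, symlink planted:   %ld bytes reached target\n", run_case(open_log_checked, 1));
    printf("checked, ordinary log:      %ld bytes in log\n", run_case(open_log_checked, 0));
    return 0;
}
```

     Keeping such a file out of world-writable directories like "/tmp"
     removes the precondition for the attack altogether.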

New features added in this release are:
     None.

Fixes in this release are:
 1.  Security fix for above referenced reports.

-------------------------
Fri Sep 27 07:15:00  2002
-------------------------
	released getty 2.1.0(a)
	full source release
	available at ftp.nwmagic.net

Release synopsis:
     This release is yet another maintenance release, but I have changed the
     version # to 2.1.x, as this is now glibc2 compatible.  (I just got my
     Slackware 8.0 server running!)  I did not realize just how much the
     library routines had changed over the years, but I'll be on top of it
     from now on...  Also, I did not *realize* how much improvement has been
     done to *login* programs in the last few years.... I'm running to catch
     up!

Reported Problems with previous release:
     None.

Fixes in this release are:
 1.  Added support for glibc2 libraries (but, I *did* leave the old library
     code in there, just in case someone out there is running with old
     libraries... See the LIBRARIES definition.);
 2.  Merge OLD_UTMP and new LIBRARIES definitions (we *really* need only
     one, after all);
 3.  Clean up variables (makes searches easier...);
 4.  Continue changing the style of some of the comments;
 5.  Fix the segmentation fault that occurred when the @V Prompt
     Substitution;
 6.  Fix the way that the @V Prompt Substitution was processed (if VERSION
     was set in the "getty" config file, it was assumed to be a text string,
     and the test to see if it was a file was skipped);
 7.  Fix the parsing routine for the config file to work correctly *all* the
     time (was causing TimeOut to not be set correctly intermittently);
 8.  Change the rules for re-prompting for a login vs. exiting the program
     and starting over (which resets the TimeOut timer, BTW);
 9.  Check the uppercase logic.  While getty sets the stty parameters
     correctly, Linux does not correctly process this at the shell;
10.  Fixed problem requiring a blank line in "gettydefs" between each entry
     (this was a left over from an *ancient* patch made to upgrade from some
     *really* old lib's);
11.  Start adding a common header to all source files.

New features added in this release are:
 1.  Change the way the login timer works (you now have TimeOut seconds to
     complete the login, after entering the login name the first time);
 2.  Added several new Prompt Substitutions (@F @M @O @R @u);
 3.  Efax-0.9 is now supported. (Although you *do* need to replace the
     spooler to make efax work reliably.  But that is *certainly* out of
     the scope of this document!)  Please See the README.uugetty file for
     further information.
 4.  Major update to the getty man pages;
 5.  Modify make install to install the man pages.

Plans for Next Release (2.1.1):
 1.   Change the way login timer works (start timer after the first keystroke);
 2.   Add user-supplied patch for really old (1990) modem;
 3.   Modify Make to install the files in Examples, for any file that is not
      present;
 4.   More code cleanups.

-------------------------
Mon Jun 10 20:25:00  2002
-------------------------
	released getty 2.0.8
	full source release
	available at ftp.nwmagic.net

			READ ALL THE RELEASE NOTES!
	THE ONES PRIOR TO THIS UNTIL 2.0.7d ARE "UNOFFICIAL" RELEASES!!

Release synopsis:
     This release is a maintenance release.  If you are using 2.0.7i or
     2.0.7j, this release is *MANDATORY*!!  There were bugs introduced in
     2.0.7i, which this release fixes.  Also, as the lowest non-EC speed
     is 1200 baud, 1200 baud has been re-established in this release.
     (And, I left 4800 baud in, even though it's not referenced in
     /etc/gettydefs and I can't see *any* use for it.... ONCE, I used 4800
     baud on a dumb VDT, when the serial cable was over 700 feet!)

Reported Problems with previous release:
     Lots of little, intermittent bugs.

The fixes in this release are:
 1.  Change the ownership of the port while logging in with uugetty (This
     removes the need for the "cua?" alternate port for modems; but, the
     code to support the alternate port is still here);
 2.  Add a "sleep(7)" between each of the 3 tries (from 2.0.7i) when the port
     is busy on initial open, so that getty and uugetty will not start and
     stop so frequently that init disables it (for 5 mins, typically);
 3.  Change *when* the 10-second elapsed-time timer is started and stopped
     (this bug had the *wonderful* side-effect of disabling the WAITCHAR
     option);
 4.  Change the style of some of the comments;
 5.  Add back in 1200 baud as a valid option (the highest common non-ECC
     speed);
 6.  Explicitly force the DTR signal to drop (by closing the stdin, stdout,
     and stderr and then doing a sleep(1)), so that modems will hang up
     (which on most modems does a reset), as they should when the (uu)getty
     is killed, or the process logs out.


Plans for Next Release (2.0.9):
     more code cleanups

-------------------------
Fri Feb 21 1997
-------------------------

	released getty 2.0.7j

Release synopsis:
     If you're using 28.8 modems or faster for dialins, you probably want
     to upgrade.  This release is happening only because of an unbearable
     number of pleas from Usenet.  Please read the Serial-HOWTO before you
     post questions in the comp.os.linux.* and linux.dev.* groups. 
	
     uugetty and getty should now accept 57600, 115200 and 230400 as valid
     speeds.  Hopefully this will keep us going for six months until we
     need to up them again.

     This release DOES NOT support speeds lower than 2400!

     If you're trying to use adaptive answer with Hylafax's faxgetty, you
     should use agetty which will accept a connection from stdin.	

     No support for this release.

Sho Nakagama
bbs.fdu.edu

-------------------------
Sun Apr 28 15:00:00  1996
-------------------------

	released getty 2.0.7i

Release synopsis:
	If you're using 'uugetty' for dial-in's, you should upgrade
	to this release.

	uugetty sometimes hangs while trying to open() a modem port.
	The last line from /usr/adm/debug will look like ...
		"... D_INIT: opening line /dev/ttyS1"

	This release fixed the above problem so that failure to open the
	"tty" after 3 attempts will terminate the program so that init
	can restart another uugetty, rather than hanging forever!

Jeff Chua
jchua@fedex.com
April 28 96

-------------------------
Date Unknown
-------------------------

	released getty 2.0.7h

Release synopsis:
     This release fixes a bug that I saw a long time ago, but it went
     away . . .  until now (while upgrading to 1.3.xx kernel).  The problem
     shows up as a segmentation fault if the term type is not specified for
     a getty or uugetty process.  I have not been specifying the terminal
     type for serial lines in my /etc/inittab file.  For example, I have

     # Serial lines
     s0:5:respawn:/sbin/uugetty ttyS0 38400

     as opposed to

     # Serial lines
     s0:5:respawn:/sbin/uugetty ttyS0 38400 vt100

     In my case, uugetty would default to a term type of 'unknown' and
     would never initialize its clear screen variable (clrscr), causing a
     segmentation fault every time the login process began.  A minor fix,
     so it should work either way now.

Mike Blatchley
Mike_Blatchley@maxtor.com

-------------------------
Date Unknown
-------------------------

	released getty 2.0.7g

Release synopsis:
     This release is a minor modification of the 2.0.7f `release'.  The
     main problem with 2.0.7f is that some files are missing which are
     necessary for the compilation.  2.0.7g contains the missing files
     (uufuncs.* and utmp2.c which can be obtained from the getty_ps-2.0.7e
     and the agetty-1.9.1a packages).

     I also fixed two bugs.  Getty now should work even if there is no
     utmp entry for the line on startup.

     The other bug I fixed is not really a bug, only a necessary change to
     make callout programs work together with getty (and its WAITFOR
     option) on future kernels.  The problem is that POSIX allows to
     implicitly vhangup() a terminal when the session leader of the
     terminal exits.  With the WAITFOR or WAITCHAR option getty waits for a
     character on its standard input.  When a character arrives it checks
     for logs on the line and if it finds one, it exits.  But this exit may
     vhangup() the callout program which locked the device.  To prevent
     this, in this version getty drops its controlling terminal before
     exiting.

     In this version getty does a chmod(devname, 0600) before it opens and
     vhangups the terminal.

     Note that at present it seems that there is no maintainer for getty_ps.
     The original maintainer no longer works on it.  I do not maintain it
     either.  If you would like to become a maintainer, please contact
     Kris Gleason <gleasokr@boulder.colorado.edu>, but do not mention getty
     in the subject since Kris has a mail robot which drops these messages.

     In this package I included precompiled elf binaries.  a.out binaries
     dynamically linked with libc.so.4.5.26 are also available, just unpack
     the aout-bins.tgz archive.

Zoltan Hidvegi
hzoli@cs.elte.hu

-------------------------
Date Unknown
-------------------------

	released getty 2.0.7f

Release synopsis:
     The current getty's under Linux change the 2-character vector ut_id to
     be the first 2 characters of the line.  This causes problems for
     3-character names of ports such as ttyS20 because ttyS20, ttyS21, etc
     all get the same abbreviation. 

     In addition, the utmp2.c file as distributed keys off ut_id to determine
     which utmp entry to replace in "setutent", so changing the ut_id field
     confuses setutent.

     These problems lead to only one such terminal being seen from "who",
     "finger", "talk", etc, as well as infinite growth of /etc/utmp.

     Init sets up ut_id from the 2-character key at the front of each line
     of the /etc/inittab file, and the mods to getty_ps in this directory
     cause it to leave that key untouched.

     The mods to getty_ps in this directory appear to fix the problems
     mentioned above.

     The following output of /usr/src/init/dump < /etc/utmp shows correct
     utmp entries generated by a fixed agetty (for tty2-tty6) and incorrect
     entries generated by a broken uugetty (ttyC* and tty1):

Utmp dump of stdin
[5] [22634] [c1]                       Jul 27 13:32:59
[6] [22588] [c2]          tty2         Jul 27 13:27:25
[6] [22589] [c3]          tty3         Jul 27 13:27:29
[7] [22317] [c5] alan     tty5         Jul 27 13:16:58
[6] [22718] [c4]          tty4         Jul 27 13:43:25
[6] [22593] [c6]          tty6         Jul 27 13:27:41
[5] [22724] [t8]                       Jul 27 13:43:36
[6] [22724] [  ]          ttyC14       Jul 27 13:43:37
[0] [00000] [  ]                       Dec 31 17:00:00
[0] [00000] [  ]                       Dec 31 17:00:00
[0] [00000] [  ]                       Dec 31 17:00:00
[0] [00000] [  ]                       Dec 31 17:00:00
[0] [00000] [  ]                       Dec 31 17:00:00
[6] [22634] [1 ]          tty1         Jul 27 13:33:00

     This is showing alan logged in on tty5, with tty2, tty3, tty4, and tty6
     waiting in agetty.  The [5]'s are in init, [6]'s are getty/login,
     [7]'s are user processes, and [0]'s are free entries.  It should be
     unusual to see a process in init if the terminal is enabled.

     The duplicate entries for pid's 22634 and 22724 for ttyC14 are caused
     by the broken gettys.

     Note that utmp seems to be growing, in that there are 5 empty entries
     but tty1's entry got stuck at the end of the file.  The released
     utmp2.c, in setutent, fails to find the entry for tty1 (because its
     it's searching for "1 " and the original entry was "c1") and so it adds
     another entry at the end of the file.

     Because pty's won't have unique ut_id's either, the regular utmp code
     won't work for them.  I've added a "rewriteutent" call which just
     overwrites the last entry returned by getutent.  This eliminates
     the sequential search that setutent was performing to match ut_id,
     so performance should be improved as well as reliability.

Alan Wendt
alan@ezlink.com

-------------------------
Tue May 17 01:25:09  1994
-------------------------
	released getty 2.0.7d
	full source release
	available at tsx-11.mit.edu and sunsite.unc.edu

Reported Problems with previous release:
	none worth mentioning

Changes for this release:
	cleaned up SCHED code a bit, other minor cleanups
	added a macro for alarm() and signal() that produces 
	  debugging output each time these are called
	added proper support for FIDO calls

Plans for Next Major Release (2.0.8):
	more major code cleanups
	Fax receive
	major rewrite of chat sequence handling to facilitate 
	  creeping featurism
	Callback [not ringback] support
	major rewrite of defaults file and gettydefs file processing
	utmp/wtmp logging of fax receives and fido calls
	proper ownerships and modes for tty lines (configurable?)

-------------------------
Sun Mar 13 12:53:24  1994
-------------------------
	released getty 2.0.7d-beta
	full source release, as well as diffs against 2.0.7d-alpha
	available at boulder.colorado.edu:/pub/linux/getty_ps
	released to mailing list for testing only

Reported Problems with previous release:
	vhangup() and controlling tty code still not quite correct
	second open should not have been retried on EAGAIN
	variable substitutions of '@c' produce nothing when 'c' is
	  not a recognized variable
	utmp logging broken for users of simpleinit
	logging via syslog coredumped
	dprint() not working

Changes for this release:
	fixed vhangup() and controlling tty code -- hopefully for
	  the last time
	changed handling of '@c' variable substitutions so that if
	  'c' is not recognized, @c is just passed through as is
	exit if second open() returns EAGAIN
	correct unified handling of utmp regardless of the init 
	  program being used
	changed all instances of 'connect' to 'Connect' ... this was
	  causing syslog() to coredump (the dynamic linker seems to
	  replace the connect system call with the global variable
	  connect).
	fixed dprint() (twice) to allocate its buffer in static 
	  memory so that I can return a pointer to it without it
	  disappearing
	added signal handlers for QUIT, TERM, and SEGV to produce
	  logging output
	cleaned up the Makefile a little bit (make depend works now,
	  and make lint is gone)
	a few minor code cleanups

Plans for Next Minor Release (2.0.7d):
	Possibly incorporate FIDO patches into the source
	There may be other unknown bugs
	Update documentation to reflect new options

Plans for Next Major Release (2.0.8):
	more major code cleanups
	Fax receive
	FIDO calls implemented correctly
	major rewrite of chat sequence handling to facilitate 
	  creeping featurism
	Callback [not ringback] support
	major rewrite of defaults file and gettydefs file processing
	utmp/wtmp logging of fax receives and fido calls
	proper ownerships and modes for tty lines (configurable?)

-------------------------
Mon Mar  7 15:13:44  1994
-------------------------
	released getty 2.0.7d-alpha
	full source release
	available at boulder.colorado.edu:/pub/linux/getty_ps
	released to mailing list for testing only

Reported Problems with previous release:
	bum patches (2.0.7c) -- patches broke more than they fixed
	incompatibility with 0.99.15 and higher kernels

Changes for this release:
	major source code cleanups
	added syslog support for logerr() and debug()
	changed debug() and logerr() to use stdarg instead of varargs
	more verbose debug() output:
	  added strerror(errno) to many debug calls
	  added printing of debug facility
	  syslog support
	more verbose logerr() output:
	  added strerror(errno) to many logerr calls
	  syslog support
	corrected line initialization:
	  line correctly opened, and vhangup()'d
	  initial termios settings set correctly
	  process group & controlling terminal correctly established
	  EAGAIN return from open() handled correctly
	bug fixes:
	  wtmp file is locked before writing to prevent corruption
	  small bug fix in nextword()
	  getty -c should work correctly now
	  getty -t also works now
	deprecated code
	  removed TRYMAIL support for error logging
	  removed watchlocks() now that serial drivers take care of this

Plans for Next Minor Release (2.0.7d):
	Bug fixes:  the following known bugs exist
	  syslog is there but does not work
	  a few debug() calls do not do the right thing
	There may be other unknown bugs
	Update documentation to reflect new options
	Clean up the Makefile (add a make depend, etc...)

Plans for Next Major Release (2.0.8):
	more major code cleanups
	Fax receive
	FIDO calls implemented correctly
	major rewrite of chat sequence handling to facilitate 
	  creeping featurism
	Callback [not ringback] support
	major rewrite of defaults file and gettydefs file processing
	utmp/wtmp logging of fax receives and fido calls
	proper ownerships and modes for tty lines (configurable?)

-------------------------
Mon Jan 10 04:19:31  1994
-------------------------
	released getty 2.0.7c
	patch kit against 2.0.7b
	available at tsx-11.mit.edu, sunsite.unc.edu
	posted patches to c.o.l.a, serial channel

Changes for this release:
	various patches for compatibility with serial drivers
	appearing in 0.99.15 kernel

-------------------------
Tue Apr 20 04:00:00  1993
-------------------------
	released getty 2.0.7b
	full sources
	binaries linked with libc 2.3.3
	available at tsx-11.mit.edu, sunsite.unc.edu

Changes for this release:
	getty/uugetty:
	  fixed the following bugs:
		fd 0 was left open from utmp updating, close
		INITLINE was not being used properly for WAITFOR 
Plans for Next Release:
	syslog support (maybe)
	NICE= option to allow renicing a login process
	more source code cleanups, including analysis of configuration
	  files to attempt to determine installation problems, and give
	  a description of how to fix them (in English).  :) :)

	  such as:  WAITFOR used without INITLINE
		    RINGBACK used without WAITFOR
		    arguments in the wrong order (speed, tty)
		    and more... 

-------------------------
Sat Apr 17 00:00:00  1993
-------------------------
	released getty 2.0.7
	full sources
	binaries linked with libc 2.3.3
	available at tsx-11.mit.edu, sunsite.unc.edu

Changes for this release:
	getty/uugetty:
	  removed syslog stuff since it didn't work... maybe another time
	  various bug fixes


-------------------------
Sat Apr 10 23:00:00  1993
-------------------------
	completed getty 2.0.7 beta
	release to mailing list for testing only

Changes for this release:
	getty/uugetty:
	  incorporated Shane Alderton's ringback and syslog patches
	  incorporated Rob Janssen's bugfix patches
	  -D RBGETTY and -D USESYSLOG options for building added

Plans for Next Release:
	public release... full documentation of new features
	fix any bugs reported by beta testers (of course...)
	fix syslog stuff.. it coredumps like mad

-------------------------
Fri Apr 2  23:00:00  1993
-------------------------
	completed getty 2.0.7 alpha
	(no public release)

Reported Problems with previous release:
	getty/uugetty:
	  still problems with job control on tty 1; a result of
	  an incompatibility with sysvinit.  flickering DTR with
	  uugetty.

Changes for this release:
	getty/uugetty:
	  totally reworked main.c, added uufuncs.c, main.h, uufuncs.h
	  in order to clean up the source code.  Added INITLINE so that
	  line initialization can be done over a separate device.
	  reincorporated support for the WAITFOR option.
	uugetty:
	  fork off a child to watch for lockfiles instead of using
	  alarm clocks, so that DTR is not disturbed (only if WAITFOR
	  is not used)

Plans for next release:
	getty/uugetty:
	  apply the ringback patches (by hand), and the various other
	  patches.
	Documentation:
	  move all of (4) to (5) to match the Linux manual scheme.
	  document INITLINE and ringback options in the man pages, README.  
	  create several more examples of possible configurations.
	testing:
	  beta release to people on the mailing list

-------------------------
Thu Mar 18 23:23:59  1993
-------------------------
	released getty_ps 2.0.6b
	experimental testing release
	available at:
	  tsx-11.mit.edu:/pub/linux/sources/sbin/getty_ps2.0.6b.tar.z
	  sunsite.unc.edu:/pub/Linux/Incoming
	package:
	  full sources
	  binaries for getty/uugetty 
	    compiled with gcc2.3.3, linked with libc.so.4.3.2
	  documentation
	  patch against version 2.0.6a

Reported Problems with previous release:
	getty/uugetty:
	  problems with job control for some users  ^\ ^C ^Z
	  flickering DTR line (not addressed in this release)
	  compiler warnings

Changes for this release:
	getty/uugetty: (main.c)
	  added POSIX job control stuff -- should fix job control
	  cleaned up compiler warnings; -Wall reports no warnings now

-------------------------
Fri Mar 12 03:00:39  1993
-------------------------
	released getty_ps 2.0.6a
	available at:
	  tsx-11.mit.edu:/pub/linux/Incoming
	  sunsite.unc.edu:/pub/Linux/Incoming
	package:
	  full sources
	  binaries for getty/uugetty 
	    compiled with gcc2.3.3, linked with libc.so.4.3.2
	  documentation
	  patch against version 2.0.6

Changes for this release:
	uugetty: (main.c)
	  fixed a stupid bug... time call replaced in alarm rescheduling

-------------------------
Thu Mar 11 02:09:33  1993
-------------------------
	released getty_ps 2.0.6
	available at:
	  tsx-11.mit.edu:/pub/linux/Incoming
	  sunsite.unc.edu:/pub/Linux/Incoming
	announcement to:
	  comp.os.linux.announce
	package:
	  full sources
	  binaries for getty/uugetty 
	    compiled with gcc2.3.3, linked with libc.so.4.3.2
	  documentation

Changes for this release:
	documentation:
		rewrote README.linux, using old version as a skeleton
		wrote README.ANNOUNCE
		changed getty.1 to reflect changes
		retained old documentation in OLD/

	/etc/gettydefs:
		no changes

	/etc/defaults/*getty*
		removed WAITFOR=RING 
		changed INIT to autoanswer
		added OFF to disable autoanswer

	uugetty: (main.c)
		added lockfile monitoring for modem reinitialization.
		adapted to work with scheduler.
	         
	getty: (main.c)
		added simple scheduling mechanism:
		  included support for SCHED line.
		  support for OFF line for disabled initialization.

		adapted for use with callout devices:
		  close line after initialization.
		  reopen line, blocking on carrier detect.
		  wait until line is free before doing initialization.

	tune.h:
		added #defines to compile in new configuration options

	getty.h:
		added debugging level D_SCH 0400 for scheduling debugging
